You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For a local SQRL password lockout to occur on a user's smartphone, someone—presumably not the user—would have to fail several times to properly enter the correct password to unlock their identity. This might mean, for example, five failures, configurable by the user, and might also incorporate a “wrong guess” response delay during which the user-interface would be non-responsive. Since impersonation is considered a serious breach of security, once the count of successively incorrect passwords entered has hit its limit, the SQRL application will erase the user's master key by overwriting its entire 512-bits with all 1's. This special case can only occur in response to local password guessing. Subsequently, whenever the SQRL application sees that is has a master key of all 1's, the user interface will display a notice that the master key has been erased to protect the owner's identity due to excessive password guessing. Since this is a large inconvenience to the phone's owner, the mischievous guessing party will be notified when two, and one, guesses remain before the user's secure identity is erased from the device. The hope is that someone who is merely playing around (for example an innocent child) will cease guessing not wishing to cause the phone's owner undue trouble.
At the point of password lockout and secure deletion, the only recourse will be to allow the smartphone to re-scan a copy of the identity QR code and reenter the identity password. Since exported SQRL master key QR codes are securely encrypted, it would be safe to keep a copy in a wallet or purse if it seems likely that others might be tripping the security lockout frequently and/or being locked out until the identity could be reloaded would be a problem.
The text was updated successfully, but these errors were encountered:
For a local SQRL password lockout to occur on a user's smartphone, someone—presumably not the user—would have to fail several times to properly enter the correct password to unlock their identity. This might mean, for example, five failures, configurable by the user, and might also incorporate a “wrong guess” response delay during which the user-interface would be non-responsive. Since impersonation is considered a serious breach of security, once the count of successively incorrect passwords entered has hit its limit, the SQRL application will erase the user's master key by overwriting its entire 512-bits with all 1's. This special case can only occur in response to local password guessing. Subsequently, whenever the SQRL application sees that is has a master key of all 1's, the user interface will display a notice that the master key has been erased to protect the owner's identity due to excessive password guessing. Since this is a large inconvenience to the phone's owner, the mischievous guessing party will be notified when two, and one, guesses remain before the user's secure identity is erased from the device. The hope is that someone who is merely playing around (for example an innocent child) will cease guessing not wishing to cause the phone's owner undue trouble.
At the point of password lockout and secure deletion, the only recourse will be to allow the smartphone to re-scan a copy of the identity QR code and reenter the identity password. Since exported SQRL master key QR codes are securely encrypted, it would be safe to keep a copy in a wallet or purse if it seems likely that others might be tripping the security lockout frequently and/or being locked out until the identity could be reloaded would be a problem.
The text was updated successfully, but these errors were encountered: